Network Security Policy


PRESENTATIONS IN NETWORK SECURITY
Network Security Policy
Saad Haj Bakry, PhD, CEng, FIEE

Objectives / Contents
- Network Security Profile
- Policy Development Framework
- Policy Development Process
- Internet Security Sources

Network Security Profile
- Sources of Challenges and Protection Measures: Technology (T) / Organization (O) / People (P) / Environment
- Target of Protection: Information
- Information Protection: Technical / Administrative
- Challenges: Accidental / Malicious
- Problems
- Solutions: Cost / Balance

Profile: Basic Levels
- The Internet Level: World Wide Users
- The Extranet Level: Partners / Suppliers / Customers
- The Intranet Level: “Security Policy”
- User Level

Profile: Sublevels
- System Level: Organization
- Service Level
- Application Level
- Transaction Level

Profile: Security Problems
Problem | Description
Accessibility | Who accesses: system / service.
Availability | System / service readiness.
Reliability | Identity / repudiation / legal information.
Integrity | Alteration / loss of information (& SW).
Confidentiality | Disclosure of private information.
Trust | Disaster recovery.
“Cost” | “Challenges” versus “Protection”

Profile: Challenges / Problems / Protection
- Issues: Technology; Organization / People; Environment
- Challenges: Design; Management; Illegal Access; Viruses; Repudiation; Cryptanalysis; Theft; Destruction; Natural
- Protection: Professional Quality Systems; Access Systems; Anti-Virus; Firewalls; Traffic Control; Cryptographic Systems; Standby Systems; Awareness / Rights / Practice; Policy / Management; Laws / Regulations: Cyber-Crime Rules
- Security: Accessibility; Availability; Reliability; Integrity; Confidentiality; Trust; “Risk / Cost”

Profile: Cryptography Systems
Cryptography:
- Symmetric Secret Key / Public-Private Keys
- Management: Key Distribution / Key Agreement
- Hash Function: Message Testing
- Digital Signature: Authentication of Identity
- Time-Stamping: Non-Repudiation (Proof of Transaction)
- Public Key Infrastructure: Digital Certificates
- Security Protocols: Applications
Security: Confidentiality / Integrity / Reliability / All the above

Policy Development Framework
[Diagram labels: Cooperative / Continuous Development; Base; Time Scale; Priorities / Choice; Risk / Cost; Environment; Security Profile; Architecture (*): Network / Services Architecture; Organization; Requirement; Current State (*): Structure / Function; Tools; Development; Target State (*); Case. (*) Related Structure]

Policy Development Process
- Prepare “Base”
- Establish “Case”
- Investigate “Development”
- Identify “Target State”
- Implementation
- Testing
- Re-Evaluate
[Diagram labels: Cooperative Development; People Involved; Environment; Information; Organization; Using Computer Tools; Evaluation Methods: Risk / Cost / Priorities / Choice; Practical Work]

Process: Choosing from Alternative Options
- Identify criteria / decide on weights
- Get choices / set grades
- Evaluate scores
- Other viewpoints
- Choice

Process: Risk (loss) v. Cost (security)
[Diagram: Balance between Risk and Cost]

Process: Risk / Cost Examples
Issue | Fact
Virus Damage | The damage of the “I Love Virus” (May 2000) was estimated to be “$ 10-15 billion” with the majority of the damage done in the first few hours. (The virus destroyed files and sent itself to others through MS Outlook Address Book.)
Spending on Data Security | Estimated by “IDC” (International Data Corporation). “$ 6.2 billion” (1999) / “$ 14.8 billion” (2003)
Building a “Digital Certificate Infrastructure” | Estimated by “Identrus” (Consortium of Global Financial Companies) for financial organizations to provide trusted B-to-B e-Commerce. “$ 5 – 10 million”

Important “Security” Webs (1/3)
Subject | Web
RSA Algorithm | www.rsasecurity.com
PGP (Pretty Good Privacy): MIT P-K “Web of Trust” | Web.mit.edu/network/pgp.html
Time-stamping | www.authentidate.com
US Legislation in Information Security | www.itaa.org/infosec
Certification Authorities | www.verisign.com, www.thawte.com

Important “Security” Webs (2/3)
Subject | Web
Netscape SSL: Secure Socket Layer | www.netscape.com/security/index.html, developer.netscape.com/tech/security/ss1/protocol.html
PCI: Peripheral Component Interconnect cards | www.phobos.com/products/infamily.htm
SET: Secure Electronic Transaction | www.setco.org, www.visa.com, www.visa.com/nt/ecomm/security/mail.html, www.mastercard.com

Important “Security” Webs (3/3)
Subject | Web
MS Authenticode | msdn.microsoft.com/workshop/security/authcode/signfaq.asp, security/authcode/authwp.asp
Firewalls | www.interhack.net/pubs/fwfaq
Kerberos | www.pdc.kth.se/kth-krb
Magazines | www.networkcomputing.com/consensus, www.scmagazine.com, www.insightview.com

Remarks
Security Profile:
- Basic Factors: Technology / Organization / People / Environment
- Levels: User / Intranet / Extranet / Internet
- Sublevels: Application / Service / System
- Challenges / Protection / Security Measures
Development Framework / Process:
- Base: Organization / Network / Security Profile
- Case: Requirements / Tools / Current State
- Development: Risk / Cost / Priorities / Cost
- Target / Implementation / Testing / Cooperative Development
